Embed Size (px)
Citation preview
Blockchain & Money
Class 5 1September 20, 2018
Class 5 (9/20): Study Questions • How does Bitcoin record transactions? What is unspent transaction
output (UTXO)? What is script code embedded in each Bitcoin transaction and how flexible a programming language is it?
• As many design features pre-date Bitcoin, what was the novel innovation of Santoshi Nakamoto?
• Who is Satoshi Nakamoto? (Only kidding a bit.)
2
Class 5 (9/20): Readings
• ‘Bitcoin’s Academic Pedigree’ Narayanan and Clark
• ‘Making Sense of Cryptoeconomics’ CoinDesk
3
Class 5 Overview
• Transaction Inputs & Outputs • Unspent Transaction Output (UTXO) • Scripting language
• Blockchain Design – Putting it All Together • Bitcoin’s Academic Pedigree
• Who is Satoshi Nakamoto?
• Conclusions 4
Transaction format
Uniquely identifies an
output
Input Output Previous transaction ID Value
Index
In satoshis 108 = 1 bitcoin
Public Key(Bitcoin Address)
Signature
A “coin”
lock_time 5
Transaction format Inputs > Outputs Multiple Inputs & Outputs Inputs – Outputs = Fees
Inputs Outputs TXID 6, IDX 3, Dsig1
3 BTC
TXID 20, IDX 2, Dsig2 2 BTC
TXID 42, IDX 5, Dsig3 5 BTC
Bitcoin Address 1 6 BTC
Bitcoin Address 2 3 BTC
Bitcoin Address 3 0.9 BTC
Sender’s Change
lock_time 6
Coinbase Transaction
Reward for Solving Proof of Work
• Only Input is the Coinbase Block Reward
• Reward halves (1/2s) every 210,000 blocks
• Currently 12.5 Bitcoins per block
• Originally 50 Bitcoin per block
• Output may not be used as a Transaction Input until another 100 Blocks
• Recorded as First Transaction in Merkle Tree
• May Include 100 bytes of arbitrary data
• Used for Additional Nonce
• Genesis Block included Headline from Financial Times:
‘The Times 03/Jan/2009 Chancellor on brink of second bailout for banks’ 7
Unspent Transaction Output (UTXO) Set Bitcoin transaction outputs that have not been spent at a given time
• Contains All Currently Unspent Transaction Outputs
• Speeds up Transaction Validation Process
• Stored using a LevelDB database in Bitcoin Core called ‘chainstate’
8
Unspent Transaction Output (UTXO) Set
vs. 30 M Txs
vs. 100 M Txs
vs. 342 M Txs
9Source: Blockchain.com – 9/17/18 Courtesy of Blockchain Luxembourg S.A. Used with permission.
Bitcoin Script
Programing Code used for Transactions
• Stack-based Code, with no Loops (not Turing-complete)
• Provides a Flexible Set of Instructions for Transaction Validation and Signature Authentication
• Most Common Script Types in UTXO: • Transaction sent to Hash of Bitcoin Address – ‘Pay-to-PubkeyHash’ (81%)
• Transaction sent to Hash of Conditional Script – ‘Pay-to-ScriptHash’ (18%)
• Transaction subject to Multiple Signatures – ‘M of N Multisig’ (0.7%)
• Transaction sent to Bitcoin Address – ‘Pay-to-Pubkey’ (0.1%)
(Source: Perez-Sola, Delgado-Segura, et al.) 10
Blockchain Technology timestamped auditable database network consensus protocol append-only log
Secured via cryptography Addresses ‘cost of trust’ • Hash functions for tamper (Byzantine Generals problem)
resistance and integrity • Permissioned• Digital signatures for consent • PermissionlessConsensus for agreement
11
Bitcoin – Technical Features • Cryptography & Timestamped Logs
• Cryptographic Hash Functions • Timestamped Append-only Logs (Blocks) • Block Headers & Merkle Trees • Asymmetric Cryptography & Digital Signatures • Addresses
• Decentralized Network Consensus • Proof of Work • Native Currency • Network
• Transaction Script & UTXO • Transaction Inputs & Outputs • Unspent Transaction Output (UTXO) set • Scripting language 12
Cryptographic Hash Functions One-Way Data Compression
© Source unkonwn. All rights reserved. This content is excluded from our Creative Commons license. For more information, see https://ocw.mit.edu/help/faq-fair-use/ Data Commitment 13
Timestamped Append-only Log - Blockchain
Image is in the public domain. 14
Merkle Tree – Binary Data Tree with Hashes
Image is in the public domain. 15
Asymmetric Cryptography & Digital Signatures Guarding against Tampering & Impersonation
Digital Signature with Hash
© Science and Education Publishing. All rights reserved. This content is Shyam Nandan Kumar et al. Review on Network Security and Cryptography. excluded from our Creative Commons license. For more information, see
https://ocw.mit.edu/help/faq-fair-use/ 16
Bitcoin Address Determined by – but not identical to - Public Key
17
© Source unknown. All rights reserved. This content is excluded from our Creative Commons license. For more information, see https://ocw.mit.edu/help/faq-fair-use/
Blockchain – Proof of Work Chained Proof of Work for Distributed Network Consensus & Timestamping
© Cryptographics.info. All rights reserved. This content is excluded from our Creative Commons license. For more information, see https://ocw.mit.edu/help/faq-fair-use/ 18
Native Currency Economic Incentive System
• Bitcoin – BTC
• Reward Created through Coinbase Transaction in each block
• Overall ‘Monetary Policy’ preset in Bitcoin Core
• Reward halves (1/2s) every 210,000 blocks
• Currently 17.3 million BTC; capping at 21 million BTC in 2140
• Market based transaction fee mechanism also provided for in software
19
Network
• Full Nodes – Store full Blockchain & able to Validate all Transactions
• Pruning Nodes – Prune transactions after validation and aging
• Lightweight Nodes - Simplified Payment Verification (SPV) nodes – Store Blockchain Headers only
• Miners – Performs Proof of Work & Create new Blocks - Do not need to be a Full Node
• Mining Pool Operators
• Wallets – Store, View, Send and Receive Transactions & Create Key Pairs
• Mempool – Pool of unconfirmed (yet validated) Transactions 20
Narayanan and Clark’s Chronology of Ideas in Bitcoin
21
© Association for Computing Machinery. This content is excluded from our Creative Commons license. For more information, see https://ocw.mit.edu/help/faq-fair-use/
Who is Satoshi Nakamoto? Results of Ad Hoc Survey of Students
Group Led by Hal Finney Nick Szabo Craig Wright Dorian Nakamoto State Actor - US Government (NSA) or Otherwise
22
Image is in the public domain.
Class 6 (9/25): Study Questions • What are smart contracts? How do they compare to traditional
contracts? What are tokens?
• What are smart contract platforms such as Ethereum? What generally distinguishes them from Bitcoin?
• What are decentralized applications (DApps)? What has been the usage and why haven’t any DApps yet received wide consumeradoption?
23
Class 6 (9/25): Readings Required • ‘Smart Contracts: 12 Use Cases for Business & Beyond’ Chamber of Digital
Commerce • ‘State of the Dapps: 5 Observations from Usage Data’ McCann • ‘Ethereum Competitors: Guide to the Alternative Smart Contract Platforms’
Blockonomi
Optional • ‘Smart Contracts: Building Blocks for Digital Markets’ Szabo • ‘A Next-Generation Smart Contract and Decentralized Application Platform’
Ethereum • ‘Blockchain Technology as a Regulatory Technology’ De Filippi & Hassan
24
Guest Lecturer – Larry Lessig • Harvard Professor of Law and Leadership. • Founder of Stanford Law’s Center for Internet and Society. • Clerked for Justice Antonin Scalia and for Appeals Court Judge Richard Posner. • Awards include the Free Software Foundation’s Freedom Award, Fastcase 50
Award and being named one of Scientific American’s Top 50 Visionaries.
‘Code and Other Laws of Cyberspace’ • Code/architecture – physical or technical constraints • Market – economic forces • Law – explicit mandates by government • Norms – social conventions
25
Conclusions • Nakamoto’s Bitcoin brought us Blockchain Technology
• Blockchain technology is within long history of Money & Ledgers
• Its Design Features also can be placed within history of technology • Timestamped Append-only Logs (Blocks) • Cryptographic Hash Functions & Digital Signatures • Network Consensus
• Key Innovation – Decentralized Chained Consensus Protocol • Addresses ‘Costs of Trust’ • Provides Peer-to-Peer alternative for Money, Ledgers & Computation
26
MIT OpenCourseWare https://ocw.mit.edu/
15.S12 Blockchain and Money Fall 2018
For information about citing these materials or our Terms of Use, visit: https://ocw.mit.edu/terms.
27
